CVE-2024-13294

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal POST File allows Cross-Site Scripting XSS.This issue affects POST File: from 0.0.0 before 1.0.2...

CVE-2024-13294 POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal POST File allows Cross-Site Scripting XSS.This issue affects POST File: from 0.0.0 before 1.0.2...

CVE-2024-13293

CVE-2024-13293 is a CSRF vulnerability in the Drupal POST File module affecting versions 0.0.0 through 1.0.2. The issue enables unauthenticated CSRF attacks by abusing a POST /postfile/upload endpoint to trick users into performing unintended actions. Related disclosures cite SA-CONTRIB-2024-059 ...

CVE-2024-13293 POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059

Cross-Site Request Forgery CSRF vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2...

PT-2024-10479 · Drupal · Drupal Post File

Name of the Vulnerable Software and Affected Versions: Drupal POST File versions 0.0.0 through 1.0.2 Description: The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting XSS. This can enable a remote attacker to conduct cross-site...

Drupal POST File module < 1.0.2 - Authenticated Multiple Vulnerabilities vulnerability

Authenticated Multiple Vulnerabilities vulnerability discovered by Pierre Rudloff in WordPress Module POST File versions 1.0.2...